🌐 🇵🇱 Polski · 🇬🇧 EN
The NIS standard, or Network Information Service, was introduced by SUN in 1980. At that time, it was a top-tier administrative database. The original name given to this solution by SUN was "Sun Yellow Pages," however, over time and due to legal aspects, this name was changed. Despite the name change, the syntax of NIS system commands begins with the characters "yp," which is a perfect association with the original name. The NIS system was very popular among many UNIX family system vendors and is supported by every Linux distribution. Currently, it is a somewhat outdated solution, and it is not recommended for new installations. The reason for this is related to difficulties encountered when integrating the environment with Windows family systems, as well as numerous issues regarding scalability and security. However, it is worth having knowledge in this area, not only because it is listed in the scope of information required for the RHS333 exam, but primarily because you may always encounter an older, already deployed environment in your work where this technology is still in use.
The NIS server is typically used to synchronize user account information from a single master server for the entire NIS domain, i.e., clients located within that NIS domain. NIS allows for sharing the contents of the files: /etc/passwd, /etc/shadow, and /etc/group. It should be remembered that the connection between servers and clients in the case of NIS is not encrypted, does not ensure data integrity, and does not guarantee adequate security. Passwords are sent as hashes, but even so, the level of security offered here is minimal. In the case of Red Hat Enterprise Linux, versions 1 and 2 of the NIS protocol are supported for both the server and clients. Additionally, for clients, the use of NIS version 3 (NIS+) is supported.
Required packages: ypserv
Daemons: ypserv, rpc.yppasswdd, rpc.ypxfrd
Scripts: ypserv, yppasswdd, ypxrfd
Ports: Dynamically allocated by portmap
Configuration:
/var/yp/* , /etc/ypserv.conf , /etc/yp.conf (for ypbind), /etc/sysconfig/network
Dependencies: portmap, ypbind, yp-tools
NIS - Data Model
The basic unit of data in NIS is a record, which is usually presented as a single line in a configuration file. The "master" server stores master copies of system files in their original locations, maintaining the original formats, which can be edited using text editors. The NIS server service makes the contents of these files available over the network. The entire environment, i.e., the master server and its clients, constitutes a so-called "NIS domain." To ensure that data processing runs at an appropriate speed, data files are processed into a database format using a hashing function. If files are modified on the master server, NIS can be notified to convert them into the hashed format.
Each record has its representation in the form of exactly one key; for this reason, a system file must be mapped in several ways. For example, the /etc/passwd file is processed into two maps: passwd.byname and passwd.byuid. The first map allows searching for a user by their name, and the second by their UID. However, if you want to list all records of the passwd file, any of the existing maps can be used. Because the hashing libraries used do not allow for preserving the order of records, it is not possible to reconstruct the original form of the passwd file from the NIS database.
Slave servers in an NIS domain can be used to store copies of maps, thereby offloading the master server, and thanks to this solution, the mechanism will continue to function even if one or more NIS servers fail.
If a file modification is performed on the "master" server, the corresponding map must be sent to the slave servers so that identical data is continuously available. Clients do not distinguish between the master server and slave servers.
NIS Operating Principle
NIS map files are stored in a single directory, usually the /var/yp location. The storage place for NIS files is customarily called the "NIS directory." The stored maps are saved in a hashed database format, in a subdirectory of the NIS directory named using the NIS domain. The naming and number of map files depend on the hashing library used. However, there is always at least one map (file) for each key used to search the files.
For example, in an NIS domain named "moja_domena_nis," the map files for the /etc/passwd file might have the names:
/var/yp/moja_domena_nis/passwd.byname
/var/yp/moja_domena_nis/passwd.byuid
NIS maps are generated using the makedbm command. However, calling this command is not necessary because the Makefile located in the /var/yp/ directory is used for this purpose. If any system file is modified, simply navigate to the /var/yp/ directory and then run the make command. This command will check the modification times of the files and their maps and will call the makedbm command for each map that needs to be updated.

Comments